In spite of all efforts to improve software security, vulnerabilities are still distributed in software. While producing secure software, there are problems with not only purely technical practices but also non-technical practices, such as organizational, behavioral, and governance aspects. People, who make decisions have less understanding of non-technical practices. In this project, you will explore which non-technical practices are involved in the secure software methodologies and the methods used to provide evidence of the effectiveness of these practices.
Develop a language with simple grammar that will allow especially non-technically inclined people to write instructions to create an ADT.
With a new methodology, you’ll research on some nice results from studying zero-day fixes in Github. The methodology is almost ready but obvious reasons we don’t publish the details here.
We have a fast and new methodology to find zero-day vulnerabilities in public Github projects. With our guidance, you’ll verify the existence of vulnerabilities and participate in submitting the CVEs and writing the papers. The methodology is almost ready but obvious reasons we don’t publish the details here.
